CVE-2023-43510

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system...

CVE-2022-28226

Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local, low privileged, attacker to execute arbitary code with the SYSTEM privileges through manipulating temporary files in directory with insecure permissions during Yandex Browser update process...

CVE-2020-25238

A vulnerability has been identified in PCS neo Administration Console All versions V3.1, TIA Portal V15, V15.1 and V16. Manipulating certain files in specific folders could allow a local attacker to execute code with SYSTEM privileges. The security vulnerability could be exploited by an attacker...

CVE-2020-11507

An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded...

CVE-2020-16202

WebAccess Node All versions prior to 9.0.1 has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges...

CVE-2020-23583

OPTILINK OP-XT71000N V2.2 is vulnerable to Remote Code Execution. The issue occurs when the attacker sends an arbitrary code on "/diagpingadmin.asp" to "PingTest" interface that leads to COMMAND EXECUTION. An attacker can successfully trigger the COMMAND and can compromise full system...

CVE-2019-10934

A vulnerability has been identified in TIA Portal V14 All versions, TIA Portal V15 All versions V15.1 Update 7, TIA Portal V16 All versions V16 Update 6, TIA Portal V17 All versions V17 Update 4. Changing the contents of a configuration file could allow an attacker to execute arbitrary code with...

Microsoft Word Code Execution Vulnerability (CNVD-2025-09956)

Microsoft Word is a word processing software in the Office suite of the American Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word, which can be exploited by an attacker to execute arbitrary code on a system...

CVE-2025-24043 WinDbg Remote Code Execution Vulnerability

...

CVE-2025-21371 Windows Telephony Service Remote Code Execution Vulnerability

...

CVE-2020-10640

Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service...

CVE-2024-27976

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial of Service DoS - Circumvention of security measure - Execution of arbitrary code User Rights - Execution of arbitrar...

CVE-2025-21338

GDI+ Remote Code Execution Vulnerability...

ROS-20250110-04

Vulnerability of instancecreate method of the program for monitoring and adaptive tuning of system devices tuned is related to insufficient input data validation when processing the instancename parameter. Exploitation of the vulnerability could allow an attacker to conduct spoofing attacks...

Siemens Opcenter Execution Foundation Buffer Overflow Vulnerability

Opcenter Execution Foundation is a Siemens Manufacturing Execution System MES software that monitors and synchronizes the manufacturing activities of all the company's plants worldwide. The software's low-code personalization through embedded Mendix technology enables users to customize the syste...

PT-2024-9555 · Salt +1 · Salt +1

Name of the Vulnerable Software and Affected Versions: Salt affected versions not specified Description: The issue is related to insufficient input validation in the configuration management and remote execution system, Salt. This could allow a remote attacker to cause a denial of service...

SolarWinds Access Rights Manager OpenClientUpdateFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenClientUpdateFile method. The issue results from the lack of...

Oracle PeopleSoft Enterprise PeopleTools 安全漏洞

Oracle PeopleSoft Enterprise PeopleTools is Oracle's technology for providing PeopleSoft applications with the ability to stay in sync with users' needs and expectations. A security vulnerability in Oracle PeopleSoft's PeopleSoft Enterprise PeopleTools product, which originates in the Portal...

CVE-2023-28287 Microsoft Publisher Remote Code Execution Vulnerability

...